Download Print this page

Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SYSTEM BASICS CONFIGURATION GUIDE 2010-10-04 Configuration Manual page 446

Software for e series broadband services routers system basics configuration guide

Hide thumbs Also See for JUNOSE SOFTWARE FOR E SERIES 11.3.X - SYSTEM BASICS CONFIGURATION GUIDE 2010-10-04:

Configuration manual (304 pages)

,

Reference manual (284 pages)

Table Of Contents

Table of Contents

Advertisement

JunosE 11.3.x System Basics Configuration Guide

aaa authentication enable default

aaa authentication login

416

(Optional) Specify the privilege level by defining a method list for authentication.

3.

host1(config)aaa authentication enable default tacacs+ radius enable

(Optional) Enable authorization, and create an authorization method list.

4.

host1(config)aaa authorization commands 15 boston if-authenticated tacacs+

(Optional) Disable authorization for all Global Configuration commands.

5.

host1(config)#no aaa authorization config-commands

Specify the range of vty lines.

6.

host1(config)#line vty 6 10

host1(config-line)#

(Optional) Apply an authorization list to a vty line or a range of vty lines.

7.

host1(config-line)#authorization commands 15 boston

Specify the password for the vty lines.

8.

host1(config-line)#password xyz

Apply the authentication list to the vty lines you specified on your router.

9.

host1(config-line)#login authentication my_auth_list

Use to allow privilege determination to be authenticated through the TACACS+ or

RADIUS server. This command specifies a list of authentication methods that are used

to determine whether a user is granted access to the privilege command level.

The authentication methods that you can use in a list include these options: radius,

line, tacacs+, none, and enable.

To specify that the authentication should succeed even if all methods return an error,

specify none as the final method in the command line.

Requests sent to a TACACS+ or RADIUS server include the username that is entered

for login authentication.

If the authentication method list is empty, the local enable password is used.

Example

host1(config)#aaa authentication enable default tacacs+ radius

Use the no version to empty the list.

See aaa authentication enable default.

Use to set AAA authentication at login. This command creates a list that specifies the

methods of authentication.

After you have specified aaa new-model as the authentication method for vty lines,

an authentication list called default is automatically assigned to the vty lines. To allow

users to access the vty lines, you must create an authentication list and either:

Copyright © 2010, Juniper Networks, Inc.

Table of Contents

Advertisement

Table of Contents

Troubleshooting

Need help?

Need help?

Do you have a question about the JUNOSE SOFTWARE FOR E SERIES 11.3.X - SYSTEM BASICS CONFIGURATION GUIDE 2010-10-04 and is the answer not in the manual?

Questions and answers

Related Products for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - SYSTEM BASICS CONFIGURATION GUIDE 2010-10-04

This manual is also suitable for:

Junose 11.3